FUNCTION NAME – PURCHASE OPERATIONS

Client Name Testing Period Head of Department

Function / Department Narrative

The purpose of the purchase department is to ensure purchases are made at the lowest cost and in a timely manner. Depending
on the size of the entity, the purchase department could be broken up into various specialities, for e.g. raw materials, packing
materials, stores & consumables, CAPEX. The entity may also follow a centralised purchase department strategy or a
decentralised purchase strategy.

Audit Function
In accordance with the audit assertions our primary purpose is to ensure at a transaction level – occurrence, completeness, cut-off,
accuracy and classification. At a management level we test the audit principle of conservatism & prudence. We also ensure that
business operations are performed efficiently and effectively.

Risk Matrix
The risks applicable to the purchase function can be classified broadly into:
1. Risk of Uncompetitive Purchase Prices (due to higher rates);
2. Risk of Operational Inefficiencies (inventory build-up / shortage due to excess / lower purchase);
3. Risk of Fraud or Embezzlement (due to dummy orders, preferential purchasing etc).

Organisation & Location Structure

The organisation structure of the department.

List of People / Locations Attachment Reference System Code / Report Name

Manual / System PO Creation rights
System PO Edit rights
System PO View rights
Manual / System PO Approval rights
System PO deletion rights
System Post-Edit PO Approval rights
Currently inactive but had PO Creation /
Edit rights in past 12 months
Involved in function but outside the
system (i.e. email / verbal)
Locations (including virtual locations i.e.
cost centres)

List of Documents / Reports

All relevant documents & reports used by or created by the function / department

Common Name Client Specific Name System Code / Report Name

Standard Operating Procedure (SOP) –
Purchase Manual
Purchase Requisition – PO Dump
Purchase Order (PO) Dump
PO - Goods Receipt Note (GRN) Dump
Open Requisition Dump / Ageing
Open PO Dump / Ageing
Open GRN Dump / Ageing
Open Invoice / Creditors Ageing
Deleted PO dump
Amended PO dump
Other MIS reports generated and used.
Master Data Dependency by Function
All relevant masters utilised by the function.

Common Name Client Specific Name System Code / Report Name

Vendor Master with all details
Item Master with all details
Rate master with all details

Transaction Level Operations & Controls

The controls / operations performed on a transaction level

Purchase Operations Testing Procedure

Purchase Request Validation
Purchase requisitions are received Requisition Date vs. Indent Date
directly by purchase department and a. Delays in making purchase
acted upon on a timely basis. b. Confirmatory Indents
Delivery schedule & timeline is Inquiry / Walkthrough & Screenshot
mentioned on indent / communicated to
purchase department.
Compliance with authority matrix is Random Sampling
verified for purchase requisitions prior to
purchasing operations.
Budgetary allowance is verified before Inquiry / Walkthrough & Screenshot
commencement of purchasing
operations.
Pre-Purchasing Operations for Technical items
List of technical items is maintained and Inquiry / Walkthrough & Screenshot
available with all users in purchase
department.
Vendor discovery / development is Share of Business Working / Single
carried out periodically to constantly Source Purchase Working
expand vendor universe.
Samples are sought from new vendors Inquiry / Walkthrough & Screenshot
and sent to user department for testing
and approval.
Minimum 3-4 approved vendors are Share of Business Working / Single
developed for all technical items. Source Purchase Working
Pre-Purchasing Operations for Costing Based items
List of costing-based items is Inquiry / Walkthrough & Screenshot
maintained and available with all users
in purchase department.
Costing based items are continually Repeat Purchases Working
explored and expanded. Say 3 “A/B”
class items every year.
Cost sheet of such items are reviewed Inquiry / Walkthrough & Screenshot
periodically and updated to ensure
correct costing, especially in case of
falling raw material prices.
Cost sheets are approved by relevant & Inquiry / Walkthrough & Screenshot
competent higher management.
Based on cost sheets, reverse auction
purchase strategy is implemented
whenever possible.
Pre-Purchasing Operations for Rate Contract Based items
List of rate contract based items is Inquiry / Walkthrough & Screenshot
maintained and available with all users
in purchase department.
List of rate contract based items is Repeat Purchases Working
continually explored and expanded i.e.
large repeat purchase which are not
commodity based items.
Rate contracts are negotiated for Random Sampling
optimum quantity and do not have
minimum commitment clause.
Rate contracts are periodically tested Inquiry / Walkthrough & Screenshot
with open market to ensure
competitiveness. Say once every
quarter / half yearly.
Rate contracts are valid and renewed Random Sampling
on a timely basis.
Rate contracts are approved by relevant Random Sampling
and competent authority.
Rate contracts are uploaded in system Inquiry / Walkthrough & Screenshot
and system controls ensure rate is auto
populated and is not editable at the time
of placing of PO & bill passing.
Pre-Purchasing Operations – Purchase Planning (Applicable to all types of purchases)
Approved & validated purchase Repeat Purchases Working
requests are consolidated for all
locations and negotiations are carried
out for bulk quantities, rather than in
piecemeal.
Inventory is verified at all locations, Inquiry / Walkthrough & Screenshot
ensuring idle inventory is optimally
utilised prior to fresh purchases.
In transit material and open orders are Inquiry / Walkthrough & Screenshot
adequately verified to ensure optimal
order quantity is adequately planned.
In case of industries with seasonal sales Inquiry / Walkthrough & Screenshot
demand, adequate forecasts are made
by production team and accordingly
purchase planning is carried out to
ensure optimum material availability.
Purchasing Operations
Request for Quotations (RFQ) is sent Random Sampling
out to all vendors on the same date.
Quotes are requested within a specified
period.
RFQ sent to various vendors is for the Random Sampling
same material specifications, quantity,
timeline for delivery, delivery location
and other terms.
A minimum of 3 quotes are invited for all Random Sampling
purchases even if single vendor is
approved, to ascertain premium paid.
Adequate negotiation is conducted for Repeat Purchases Working
costing-based items / items with single
approved vendors (based on
comparison with other non-approved
vendors).
Early payments discounts are Inquiry / Walkthrough & Screenshot
negotiated with vendors.
Quotes received are summarised in a Random Sampling
standard comparative quotation and
compared on a net landed cost basis
which includes all components such as
monetary benefit of credit period
offered, freight, insurance, duties, lead
time, quote expiry date, any other
charges.
Comparative statement is approved by Random Sampling
relevant / competent authority as per
authority matrix.
For chemicals, vendor wise production Random Sampling
yield is incorporated into comparative
statement.
For technical items / machinery, Random Sampling
electricity rating, wattage, no. of
operators, maximum per shift running
hours etc is incorporated into
comparative statement.
PO is prepared in system as per the User / Approver wise PO Working
system creation rights matrix.
PO quantity in excess of purchase Requisition Qty vs. PO Qty
requisition quantity (opportunity
purchases) are exceptionally approved
as per authority matrix.
PO rate is as per the approved quote in Random Sampling
the comparative statement.
For material orders on a CIF basis, Inquiry / Walkthrough & Screenshot
estimated freight cost is entered into the
system at the time of PO creation.
Other PO terms such as credit period Random Sampling
offered, delivery location, cost centre etc
are as per quotation / purchase
requisition.
Correct tax code is selected at the time Tax Code Working
of PO creation based on HSN code
provided in the quote.
PO is approved in the system as per User / Approver wise PO Working
system approval rights matrix.
PO amendments are made based on User / Approver wise Amended PO
valid available quotations and revised Working
comparative statement.
Amended PO is approved in the system User / Approver wise Amended PO
as per system amendment approval Working
rights matrix.
PO generated has standard terms and Inquiry / Walkthrough & Screenshot
conditions as approved by the legal
department. This includes late delivery
penalty clause, return on quality
rejection clause and other relevant
clauses to the industry.
PO is communicated to vendor on Random Sampling
timely basis after approval.
Open POs are tracked periodically and Open PO Age Working
followed up with vendor for material
delivery.
Master Entry Operations
Vendor master entry is made by filling Missing fields / Invalid fields working
all mandatory fields i.e. GST no., PAN
no., Address, Contact no., email id,
Bank Account Details etc.
Item master entry is made by filling all Missing fields / Invalid fields working
relevant fields.
Steps are taken to ensure duplicate Duplicate Vendor Working
vendor / item master codes are not Duplicate Item Working
created for same vendor / item.
Separate item code series is followed
for CAPEX, OPEX & trading items.
System Aided Controls
System prevents date editing at the time Inquiry / Walkthrough & Screenshot
of PO creation.
System automatically populates rate as Inquiry / Walkthrough & Screenshot
per rate contract master for rate
contract-based purchases.
If an item has been purchased before, Inquiry / Walkthrough & Screenshot
system automatically shows last
purchase price (across all purchasing
locations) at the time of PO creation.
If quote management application is Inquiry / Walkthrough & Screenshot
available, system auto populates rate as
per the approved quotation.
System automatically prevents quantity Inquiry / Walkthrough & Screenshot
in excess of purchase requisition
quantity without exceptional approval.
System by default allows only taxable Inquiry / Walkthrough & Screenshot
PO. (i.e. non GST based PO cannot be
created)
System automatically shows pop up on Inquiry / Walkthrough & Screenshot
open PO item (item yet to be delivered)
at the time of creating new PO.
System auto populates delivery location Inquiry / Walkthrough & Screenshot
as per purchase requisition.
System auto populates credit period as Inquiry / Walkthrough & Screenshot
per approved PO and applies the same
at the time of bill passing.
In System PO approval / amended PO Inquiry / Walkthrough & Screenshot
approval module is configured.
System automatically prevents editing of Inquiry / Walkthrough & Screenshot
PO once approved.
System prevents deletion of PO once Inquiry / Walkthrough & Screenshot
created.
PO once created automatically reduces Inquiry / Walkthrough & Screenshot
budget of cost centre of user
department.
System automatically prevents raising of Inquiry / Walkthrough & Screenshot
POs on blacklisted vendors.
System prevents short closure of POs Inquiry / Walkthrough & Screenshot
without exceptional approval as per
authority matrix.
System automatically populates Inquiry / Walkthrough & Screenshot
expected delivery date against purchase
requisition and is visible to the user
department.
System automatically classifies PO as Inquiry / Walkthrough & Screenshot
CAPEX or OPEX depending on material
code and prevents manual edit.
Other Operations of Purchase Function

Fraud Risk Testing (Due to inherent limitations of internal controls, fraud risks require additional steps for testing. Ensure
approval from senior before assessing these steps.)
Preferential quotations A control could be that common email id
(group id) is used for all users in
purchase department and whistleblower
 policy is developed.
Fake quotations
Irrelevant / invalid quotations i.e. for e.g.
quotes from vendors located at far
distances due to which freight costs
always make them uncompetitive.
Quotations without RFQs, suggesting
quotes were invited by department other
than purchase department.
Non quotation based purchases / non
rate contract based / single source
purchases.
Dealing with related parties (includes
management and employees).
Uncompetitive rate contracts.
Over purchasing of quantities.
PO Quantity splitting to circumvent
authority matrix.
Duplicate vendor code is created for
black listed vendors to allow
transactions.
POs are short closed and raised for
balance quantity at higher rates.

Management Level / Periodic Review Controls

The controls / operations performed on a periodic basis to ensure efficiency and incorporate key learnings.

Management Level Controls

Authority matrix for PO / amended PO Inquiry / Walkthrough & Screenshot
approval is defined & periodically
reviewed.
Authority matrix for closure / short Inquiry / Walkthrough & Screenshot
closure / deletion of PO is defined and
periodically reviewed.
Authority matrix for GRN reversal / Inquiry / Walkthrough & Screenshot
purchase return request is defined and
reviewed periodically.
List of Non-PO based purchases are Non PO based purchase workings
exceptionally generated and reviewed
periodically.
Confirmatory PO / GRN working is PO date vs. GRN date
exceptionally generated and reviewed
periodically.
Open POs (other than dishonoured) are Open PO age Working
reviewed periodically and closed.
Dishonoured POs are reviewed Inquiry / Walkthrough & Screenshot
periodically, and parties are black listed.
Short closed POs are exceptionally Short Closure PO working
generated and reviewed for actions.
Quality rejected materials are Inquiry / Walkthrough & Screenshot
exceptionally generated and reviewed
for actions.
Opportunity purchases are exceptionally Requisition Qty vs. PO Qty Working
generated and reviewed periodically by
higher management.
SOP for purchasing with at least all Inquiry / Walkthrough & Screenshot
controls mentioned here is captured and
circulated amongst all people relevant to
purchase process at all locations.
 Company diversifies it’s purchases Share of Business Working / Single
adequately and is not dependent on Source Purchase Working
single / few vendors.
User-wise no. of PO’s generated per User / Approver wise PO Working
month / quarter is reviewed and
monitored periodically.

Communication Controls
The controls / operations performed on a periodic basis to ensure effective communication between departments and or people
involved.

Communication Level Controls

Quality rejected materials / purchase
returns are communicated to vendor
and accounts departments.
Short delivery POs are reviewed and Random Sampling
communicated to vendors.
Vendor delivery schedule is Random Sampling
communicated to user department.
Dishonoured POs are communicated to Open PO working
higher management for blacklisting.
Incorrect invoices terms are Working done as part of Bill Passing
communicated to vendor. Function Review.

List of All Analytical Workings

A comprehensive list of all workings to test / ensure operations are running as desired.

Sr. Name Experience Exhibit

No. Level Reference
1 Requisition Date vs. Indent Date Article 1
Delays in making purchase
Confirmatory Indents
Open Requisition Age Working
2 Share of Business Working / Single Source Purchase Working Article 3
3 Repeat Purchases Working Article 3
4 User / Approver wise PO Working Article 1
5 User / Approver wise Amended PO Working Article 1
6 Requisition Qty vs. PO Qty Article 1
7 Tax Code wise PO Working Article 1
8 Open PO Age Working Article 3
9 Vendor Master: Missing fields / Invalid fields working Article 1
10 Item Master: Missing fields / Invalid fields working Article 1
11 Duplicate Vendor Working Article 1
12 Duplicate Item Working Article 1
13 Non-PO based purchase Working Article 3
14 PO date vs. GRN date Working Article 1
15 Short Closure PO Working Article 3

Log Name Date

Audit Commencement
Audit Finish
Review 1
Review 2
Review Finish